Use Office 365 to help comply with legal, regulatory, and organizational compliance requirements

Here’s a summary of the tools you can use to help your organization meet its compliance requirements:


Get Started

Information rights management (IRM)

Helps prevent sensitive information from being printed, forwarded, saved, edited, or copied by unauthorized people.

To protect content by assigning usage restrictions, Office 365 Enterprise E3 or Office 365 Enterprise E4 is required. All Office 365 Enterprise users can use Office 365 ProPlus or Office Online to open documents that are stored in IRM-protected libraries and documents that are attached to IRM-protected email. When you use Office Online, the documents (Word, Excel, and PowerPoint files) open in your web browser.

Office 365

SharePoint Online

Exchange Online

Data Loss Prevention (DLP)

Identifies, monitors, and protects sensitive email data:

  • Provides default policies that support regulatory standards, including templates for protecting personally identifiable information and payment card data.

You can create additional policies, such as preventing the deletion of email that has specific contents and informing email users before they send a message with content that violates any of your policies.

DLP is available with Office 365 Enterprise E3 and Office 365 Enterprise E4.

Exchange Online

eDiscovery (electronic discovery)

Discovers electronic content for civil litigation or investigation, including content stored in SharePoint Online, Exchange Online, and file shares.

SharePoint Online

Exchange Online

Records management

Manages the lifecycle of documents to comply with your organization’s records management policies:

  • In SharePoint Online, you can prevent important documents from being edited or deleted, and define how long documents must be stored. You can also control the lifecycle of a SharePoint site and its associated site mailbox.

  • In Exchange Online, you can use journaling to record all email communications.

  • In Skype for Business Online, you can archive conversations.

SharePoint Online

Exchange Online

Lync 2013

Information management policies

Enforces compliance with information management processes and regulations. Predefined policies include:

  • Document usage auditing

  • Expiring out-of-date content

  • Retention policies

SharePoint Online

Transport rules

Looks for specific conditions in messages that pass through your organization, and then takes action on them. For example, you can:

  • Limit interaction between recipients and senders

  • Prevent inappropriate content

  • Filter confidential information

  • Apply disclaimers

  • Redirect inbound or outbound messages

Exchange Online

Audit logging

Tracks specific changes:

  • SharePoint Online: track changes that are made to site collections.

  • Exchange Online: track changes that are made by administrators, and track whenever a mailbox is accessed by someone other than the person who owns the mailbox.

SharePoint Online

Exchange Online

Additional Resources

Share Facebook Facebook Twitter Twitter Email Email

Was this information helpful?

Great! Any other feedback?

How can we improve it?

Thank you for your feedback!